search

Didstopia / rust-server

Provides a dedicated linux server for Rust (the game) running inside a Docker container.
MIT License
243 stars 105 forks source link

[Snyk] Upgrade ws from 6.1.2 to 6.2.2 #123

Open Dids opened 9 months ago

Dids commented 9 months ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade ws from 6.1.2 to 6.2.2.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **5 versions** ahead of your current version. - The recommended version was released **2 years ago**, on 2021-06-01. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-WS-1296835](https://snyk.io/vuln/SNYK-JS-WS-1296835) | **586/1000**
**Why?** Proof of Concept exploit, Has a fix available, CVSS 5.3 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: ws
  • 6.2.2 - 2021-06-01
  • 6.2.1 - 2019-03-27
  • 6.2.0 - 2019-03-06
  • 6.1.4 - 2019-02-16
  • 6.1.3 - 2019-01-24
  • 6.1.2 - 2018-11-17
from ws GitHub release notes
Commit messages
Package name: ws
  • 9bdb580 [dist] 6.2.2
  • 78c676d [security] Fix ReDoS vulnerability
  • d57db27 [dist] 6.2.1
  • 40734d8 [minor] Add missing option in JSDoc comment
  • 0556f31 [doc] Add TOC to ws.md (#1539)
  • aa1dcd5 [fix] Make `WebSocket#close()` set the close timer immediately
  • 297f56d [minor] Remove unneeded `if` statement
  • bcab373 [test] Increase code coverage
  • 3a5a20a Revert "[ci] Cache dependencies"
  • 9a89e5d [ci] Cache dependencies
  • 7f5025d [test] Fix flaky test
  • 148c373 [test] Prefer arrow functions
  • 3df8242 [test] Remove comment to disable eslint rule
  • a40e29f [minor] Remove length threshold
  • 6c22584 [minor] Buffer writes if the frame to send is made of multiple chunks
  • 1842197 [test] Remove useless test
  • eb6f8b0 [dist] 6.2.0
  • 161f303 [feature] Add ability to follow redirects (#1490)
  • a6e94f4 [minor] Move all buffer conversion functions to the buffer-util module
  • 71ee9ed chore(package): update eslint to version 5.15.0 (#1522)
  • 855494d [test] Fix flaky test
  • 8c21add [codestyle] Add .gitattributes
  • faf9b36 [ci] Let Travis CI handle x64 Windows tests
  • bcb8a98 [ci] Test on macOS
Compare
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/didstopia/project/6e8c64c9-76ad-4db7-8e3f-4f5492476c55?utm_source=github&utm_medium=referral&page=upgrade-pr) πŸ›  [Adjust upgrade PR settings](https://app.snyk.io/org/didstopia/project/6e8c64c9-76ad-4db7-8e3f-4f5492476c55/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) πŸ”• [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/didstopia/project/6e8c64c9-76ad-4db7-8e3f-4f5492476c55/settings/integration?pkg=ws&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)